| ReGet Directory Traversal Bug May Cause Files to Be Downloaded to Arbitrary Locations |
|---|
Category: Vulnerability. Posted: 2004-03-24 by ReCall.
| Details |
|---|
Description: An input validation vulnerability was reported in ReGet. Files may be downloaded to the wrong directory on the target system.
SECURITY.NNOV reported that a remote user can create a specially crafted filename containing encoded directory traversal characters so that when the target user downloads the file using ReGet, the file will be written to an arbitrary location on the target user's system.
For example, the following demonstration exploit filename will be saved to 'c:\etc\shadow' on the target user's system:
/support/download.jsp?filename=..%2F ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow
snifer at mailru333.com is credited with reporting this flaw.
Impact: A remote user can cause a file downloaded by the target user to be written to an arbitrary location on the target user's system (subject to the privileges of the target user).
Solution: No solution was available at the time of this entry.
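
One way a download client can guard against this class of bug, shown as an added example (not ReGet's code and not part of the advisory): percent-decode the server-supplied filename, keep only its last path component, and confirm the resolved path stays inside the download directory. The function names, the `downloads` directory and the sample name are assumptions made for illustration.

```python
import os
import re
from urllib.parse import unquote

# Constructed sample in the pattern of the advisory's demonstration filename.
DEMO_NAME = "..%2F" * 17 + "etc%2Fshadow"

def safe_local_name(remote_name, max_rounds=5):
    """Reduce a server-supplied filename to one safe path component."""
    name = remote_name
    # Decode repeatedly so double-encoded separators (%252F) are exposed too.
    for _ in range(max_rounds):
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    else:
        raise ValueError("too many layers of percent-encoding")
    # Treat '\' and '/' alike, whatever the host OS, and keep the last part.
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Replace control characters and characters Windows forbids (':' included),
    # then trim spaces and dots from both ends so '.' and '..' become empty.
    name = re.sub(r'[\x00-\x1f<>:"|?*]', "_", name).strip(" .")
    if not name:
        raise ValueError("no usable filename in %r" % remote_name)
    return name

def resolve_download_path(download_dir, remote_name):
    """Return the absolute path to write to, or raise if it leaves download_dir."""
    base = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(base, safe_local_name(remote_name)))
    # Final containment check; also catches a symlink planted in download_dir.
    if os.path.commonpath([base, target]) != base:
        raise ValueError("refusing to write outside %s" % base)
    return target

if __name__ == "__main__":
    print(resolve_download_path("downloads", DEMO_NAME))
```

With this handling the demonstration name is stored as `shadow` inside the download directory, and a name that consists only of traversal sequences is rejected.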